New law aids computer security
After an incident last spring in which hackers obtained access to a computer system containing information on 265,000 state employees, Sacramento legislators passed a new law to help protect individuals from misuse of their personal data. Set to go into effect July 1, SB 1386 requires organizations that maintain computerized databases, in the event of a security breach in their computer system, to notify California residents whose personal data may have gotten into the wrong hands as a result. A working group headed by Jacqueline Craig, campus information-technology policy coordinator, has developed guidelines to assist campus units in implementing the law.
Personal information covered by SB 1386 includes a personís first name (or first initial and last name), plus one or more of the following: social security number; driverís license number or California ID number; bank account, credit-card, or debit-card number, with any password or code needed to access the account. Information of this nature is stored in many locations in cyberspace, including campus databases and local spreadsheets.
[ Read more ]